Should the US Go Offensive In Cyberwarfare? 276
The NYTimes has a piece analyzing the policy discussions in the US around the question of what should be the proper stance towards offensive cyberwarfare. This is a question that the Bush administration wrestled with, before deciding that the outgoing president didn't have the political capital left to grapple with it. The article notes two instances in which President Bush approved the use of offensive cyberattacks; but these were exceptions, and the formation of a general policy was left to the Obama administration. "Senior Pentagon and military officials also express deep concern that the laws and understanding of armed conflict have not kept current with the challenges of offensive cyberwarfare. Over the decades, a number of limits on action have been accepted — if not always practiced. One is the prohibition against assassinating government leaders. Another is avoiding attacks aimed at civilians. Yet in the cyberworld, where the most vulnerable targets are civilian, there are no such rules or understandings. If a military base is attacked, would it be a proportional, legitimate response to bring down the attacker's power grid if that would also shut down its hospital systems, its air traffic control system, or its banking system?"
Re:putting vital systems on the Internet (Score:2, Informative)
What country would be foolish enough to connect its power grid, hospital systems, air traffic control and it's banking system to the Internet.
The US, apparently.
Re:Offensive? (Score:5, Informative)
Re:Abso-freakin'-lutely! (Score:5, Informative)
Yes, you have a point about our standard of living but it's not only our standard of living that has caused this problem, it's also the deterioration of the quality of k-12 education in the US - especially in math.
When I did my undergrad, more often than not, kids who didn't know standard mathematical identities, were Americans. I don't see how someone who doesn't understand logs and exponents inside out can do well in a (respectable) comp sci program. Why should US companies hire mediocre US comp sci students when they can hire higher quality students overseas at a cheaper price?
There's also precident in international law (Score:3, Informative)
For example if you read the Geneva Conventions, you find that various places are "off limits" for war. Hospitals and religious places would be the big ones. The rules say you need to take care not to attack them. However, there's a flip side to the rule: You also need to take care not to use them for military purposes. So if there's a church and it is used by people as a church, no problem, that church is off limits. However if an army decides to set up shop in there are use it as a base, it just became fair game.
This happened in WWII. The Nazi's took over a monastery since it had a good position for messing with shipping in the Mediterranean. They figured that the allies wouldn't bomb it, since it was a Christian religious structure, and as with many monasteries, it was designed rather like a fortress making an infantry assault impractical. Ya well, they were wrong on the not bombing account. the place was reduced to rubble. Not something that anyone really wanted to do, but it became a valid military target when it was being used to host attacks.
Now the situation in Palestine is obviously not identical, but it is similar. While a group of houses is manifestly a civilian setup and thus not a legitimate military target, it changes if those houses are used to house fighters, weapons and launch attacks.
Re:what the US should do (Score:3, Informative)
Re:Abso-freakin'-lutely! (Score:3, Informative)
And there is the problem: who really thinks this?
I do.
The US lost its trade dominance in the '70's, long before the original FTA with Canada (later expanded into NAFTA).
GATT was around from 1948 to 1994 (before being replaced by the WTO). The period from 1948 to the late 60's was a boom period for the US, in part driven by world trade.
So by trivial empirical examination the current US mess has nothing much to do with free trade.
The real problem is that your dollar is the reserve currency and has been for thirty years, which keeps its value far higher than your industrial production and exports would on their own. That makes American manufacturers disadvantaged in world markets, and foreign good very cheap to American consumers.
In response to that reality the more-or-less explicit policy of every American administration since the '70's has been to borrow and consume rather than save and produce. Your strong imperial dollar has let you do that, until very recently. Now, unfortunately, the house of cards is collapsing, trapping you and everyone else in the rubble. This is not anyone's fault... it's just the logic of empire working itself out as it always does.
Re:Offensive? (Score:2, Informative)
What does the NSA do, exactly?
Spy on Americans?
Re:Offensive? (Score:5, Informative)
1. What makes you think they don't already have a backdoor into every copy of Windows shipped?
In effect, this has been freely admitted by Microsoft, and we've discussed it several times here on slashdot. It came up a month or so back in a story about someone who found that, even with all the automatic update stuff turned off, some "system" updates happen in Vista anyway. Turning off all the auto-update stuff doesn't stop these updates from happening. In the discussion, it has come out that this has been true since at least the early releases of XP.
In various security-related forums, it has been pointed out that this "feature" is a classical backdoor. It allows anyone with the right connections inside Microsoft to get their software installed in any machine via the automatic update mechanism. If you think that the security folks in various government agencies (in the US and other countries) don't know about this, you're rather naive. After all, it has been discussed here and in several other public net forums.
This is also a good thing to bring up when someone makes the claim that all other OSs are just as vulnerable as MS Windows. With linux and the *BSDs, we have the source available (and we can compile them ourselves if we like), so we can (and do) examine the code for such things. We can be reasonably sure that, when backdoors have been slipped into these open-source systems (and it has happened), the fact has become public very quickly and there were fixes available. With MS Windows, we don't have the source (though some agencies in the US and PRC governments have it), so we can't examine the code or recompile it. And when the stories come out about the automatic downloading of new software by Windows, Microsoft isn't even apologetic. Those backdoors are there intentionally; they're not going away; you and I have no defense against them.
Except to not use Microsoft products, of course.
(Actually, it has been pointed out that you can make MS Windows secure, but one of the requirements is that you never connect it to any kind of network. This includes removing hardware such as wifi, bluetooth, IR, USB, etc. devices ;-)
hasn't yet revealed its purpose (Score:3, Informative)
It's a spambot [washingtonpost.com]and scareware downloader [washingtonpost.com].